Advertisement

International Bodies

02/25/2014

Mainly because of the war in Syria -- which is backed by Iran and Russia -- and the consequences of trying to take on these vicious states directly or indirectly, in reality or in virtuality.

Typically this debate devolves instantly to the implications of making and using -- and losing control -- of Stuxnet, which was used by the US against Iran's nuclear system - and never looks at the larger problem of the rogue nuclear state under theocrats who are willing to mass-murder their own civilians who protest against their oppression, and assassinate their critics abroad.

THE CAPITALIST TOOL IS HACKED

There might be reference to the Syrian Electronic Army, which hacked Forbes last week. (Note in reading that piece how organized, cadre-like, rigidly ideological and extreme that organization is, i.e. showing signs of training, far from the "looseknit group of hackers" people sometimes claim it is "not affiliated with any government". And note the chatty and friendly journo who friended these hackers in order to understand their sad childhoods, seemed utterly gullible on this point: "He said they are self-funded, not supported by an outside group or the Syrian government as has been alleged." Right. Then see Andy Greenberg's enthusiastic account of his own employer's hacking, which I had hoped might make him sympathize with hacker victims more -- except I think he just finds it too intellectually exciting to follow their antics.)

Maybe you can start to see the problem here.

As always, it's hard to have this conversation about Syria and cyberwarfare meaningfully in the liberal "arms control" strait-jacket that myopic anti-Americans want to put it into.

I immediately note that the East West Institute is not an honest broker for this process, in my view. It was pro-Soviet in the 1980s and remains under the exact same leadership as it had then, and is rather uncritical of Russia today -- it's a think tank that has to maintain access to the Kremlin to stay in business. That means it isn't getting to the heart of the problem that would have to precede any accord: candid admission that the real problem originates in Russia's awful human rights record in meat-world, first; its propping up of the tyrannies of Iran and Syria; its cyber attacks on Western Europe and the US which are overwhelming in number by contrast to whatever dirty tricks might be put on the Western docket; and the Kremlin's unwillingness to admit this, obviously.

It's great that 40 think-tankers self-selected in this process tilting toward the Kremlin are making little rules about spam that even Russians might sign, but that is beside the point -- and lumping together that process with NATO in Tallinn really is disingenuous (these initiatives come from very different places with different goals).

Sure, it would be nice to have a kind of new "Helsinki Accords" of cyberwarfare, where states got together and solemnly pledged not to use these new and powerful and unpredictable forms of warfare against each other.

I used to talk about this more hopefully a few years ago - I remember a year ago or so at one of the Brussels Forums special sessions on cybersecurity, my tweeted question about the possibility of "Helsinki talks" like this even got on the list, and was even discussed by people like Estonian President Toomas Hendrik Ilves. But here's the thing -- and I believe he was the one to make this point at the time -- it's kind of hard to have a new Helsinki Accords sort of agreement on something this complicated when the existing Helsinki Accords and its institutional framework --the Organization for Security and Cooperation in Europe -- have such a very difficult time getting Russia to concede to basic principles of human rights and even arms control these days.

Russia has been very, very busy crippling the capacity of the OSCE in recent years by doing everything from challenging its human rights budgets to demanding re-negotiation of its principles in a new "security charter" that would benefit its Eurasianist take on life, ruining all the progress seemingly made in the last 35 years on these principles. (Russia is also busy trying to kill the UN treaty bodies' system in exactly the same way, with little publicity or pushback.)

In a climate where Russia is being as bad as it can be at home, say, to NGOs or demonstrators, as well as abroad, in backing up the Syrian tyrant and pressuring Ukraine and even supplying help with some of the deadly force used by the Yanukovych government against demonstrators, how could you possibly open up a new treaty (or "non-binding agreement") process with them on cybersecurity?! You couldn't. The same factors that make for insecurity in cyberspace -- Russia making the overwhelming lion-share of attacks on Western Europe in both political and commercial hacks - are the factors that make a poor climate for negotiation. The problem starts with Russian denial of the problem -- and Western European reluctance to call out what the real issue is -- the Kremlin.

So, hey, in the absence of any Realism from the Kremlin, or Realism from the EU regarding what the real source of the problem is -- Russia -- let's by all means just myopically focus on the US, mkay? Hence the New York Times, fretting about all this.

You can see how all this has been nicely set up by America's enemies:

The head of the N.S.A., Gen. Keith B. Alexander, said in an interview last year that such weapons had been used only a handful of times in his eight-year tenure.

But Syria is a complicated case, raising different issues than Iran did. In Syria, the humanitarian impulse to do something, without putting Americans at risk or directly entering the civil war, is growing inside the administration. Most of that discussion focuses on providing more training and arms for what are seen as moderate rebel groups. But cyberweapons are in the conversation about stepping up covert action.

Part of the argument is that Syria is a place where America could change its image, using its most advanced technology for a humanitarian purpose.

“The United States has been caught using Stuxnet to conduct a covert cybercampaign against Iran as well as trawling the Internet with the massive Prism collection operation,” Mr. Healey wrote recently, referring to the N.S.A.’s data-mining program. “The world is increasingly seeing U.S. cyberpower as a force for evil in the world. A cyberoperation against Syria might help to reverse this view.”

Of course, Iran has been caught ruthlessly suppressing its population, arming local insurgents and terrorists, propping up the mass crime against humanity in Syria, pressuring Israel, and receiving Putin on a mission to resume arms sales from Russia. Not to mention obstructing the Internet and hacking enemies. But do let us keep that focus on the US as the "force for evil in the world."

Let me suggest that Obama is really not the one to be adjudicating this entire debate, given that his premises and principles, drawn from his days in and around the Democratic Socialists of America, would not give him the intellectual framework to do anything else other than Blame America First.

THOSE NASTY TACTICS AGAINST HACKERS BY THE NSA!

There's another interesting context to this "agonizing" debate on Syria surfacing now in the New York Times -- i.e. being leaked by some participant in it in the Administration who wants to force Obama's hand in one way or another - and that's the diabolical work of First Look, Glenn Greenwald's new blog funded by Pierre Omidyar.

Interesting how these two topics -- US contemplating cyberware on Syria and Iran and the Western tactics said to be used on Anonymous -- come together in Leak-land this week, eh?

And there, too, to hear Glenn tell it, there is absolutely no past to this story, and nothing ever occurred before these slides were created.

THE DISCUSSION WE'VE BEEN HAVING ON THIS FOR YEARS, YOU KNOW

Of course, if you followed my blogs for the last 10 years -- my, it's been a long time -- you'd know that the issue of the hackers came first. THEY used these awful methods FIRST.

And, as Gus on Twitter has pointed out, the hacker methods are the "Saul Alinsky methods". Except, Saul didn't invent them, they came ultimately from Lenin and anarchist and communist movements a hundred years ago, and percolated their way into the Students for a Democratic Society, and the more radical Weathermen, and other groups and movements that drew on these ideologies. These methods include things like freezing a target and assaulting him with one-sided attacks, particularly trying to show that he is not what he seems because he does something that is at odds with his supposed public stance, especially if that is perceived as moral.

So, for example, in modern terms, if you are in Moveon.org or one of these moronic leftist online movements, you will take something like a corporation, which you hate for ideological reasons because you hate capitalism, and then pick out something that it does which is at odds with its purported public persona, i.e. capitalist. So you accuse it of receiving "corporate welfare" or getting tax cuts or benefits from the state -- at oddds with its belief in go-it-alone hard-scrabble can-do free enterprise.

Then you compare and contrast what conservatives say about "welfare queens" or "spongers on public dole" -- poor people, the jobless, minorities without access to good jobs -- and then apply that rhetoric to your frozen target. Voila. That these are very different types of support with very different outcomes doesn't matter; the point is to pervert the meaning of language and use it in a bad-faith manner.

Greenwald tunes into this issue with his Snowden-leaked document as if there was no history of even the cheer-leading tech press documenting the massive assaults by hackers on government, corporate, nonprofit, and media websites, not to mention individual blogs. As if something like the Syrian Electronic Army attack on Forbes never happens.

It's a good time to remember some of the discussion even of only three years ago about the assaults caused by WikiLeaks and Anonymous -- which, after all, attacked the US government *first* with, um, WikiLeaks itself (my, how quickly people forget the basics!)

The vicious attack on me from the old Alphaville Herald (Second Life press) for getting such high-profile attention by being on Wright's show, and debating him directly. This is of course the work of Peter Ludlow, the linguistics professor who supports Anonymous and WikiLeaks ardently, and his sidekick Mark McCahill, Internet pioneer and lover of hacker mayhem himself.

If you read the comments at the Herald, I am mercilessly ridiculed and heckled for taking this position, and even accused of somehow queering a job prospect for some kid (a start-up genius who got millions of dollars -- who then failed, and got more funding -- yeah, right). But do read the comment there from mercury which sums up my position and its ramifications very well.

Don't forget that this a lot like Russia buying South Koreans or Brazilians to win the Olympics: the agencies in our country feel they "have to" have hackers on their teams to win, so they bring them in -- and suffer the consequences (Snowden).

So again, the question I have for Greenwald and all the Snowdenistas: how come you're tuning into this topic YEARS LATER, after the hackers HAVE DONE THIS FIRST?

I mean, even the last three years of this debate, given the links I've just provided, would clue you in. Lots of people discussed Anonymous' use of the DDoS, very much backed up by WikiLeaks (and we now know they even recruited hackers to help them fight their enemies like PayPal) -- and the usual suspects like Morozov and TechPresident and Slate and Zeandt all endorsed the use of this awful method of crashing other people's servers. Where were you?

HACKERS ATTACK SNOWDEN CRITIC

And this isn't somehow an abstract notion that happens to other people, oh, those corporations like PayPal that have phalanxes of engineers to fix their hacker problems in a few days.

It's a very real climate of intimidation that Snowden critics really live with (as I can testify myself -- one only has to look at the drive-by assaults on my book on amazon and the type of methods used in making "reviews" to understand that).

We discover that Lawfare Blog has been under assault for its criticism of Snowden and has had its server crashed and disabled repeatedly.

And because comments can get so drowned out there, let me reprint here my thoughts on the hacking of Lawfare:

I don't wish this experience on my worst enemy, but in a way, Ken, I'm glad you are finally seeing up close and personally the strength, ugliness, persistence and sinister nature of the hacker movements that otherwise libertarians tend to dismiss as mere "trolls" or "kids". It's important to see that these are hard-core, echeloned cadre organizations sometimes even with hostile state backing. And they really are determined to make sure that no one uses the Internet in any way that they don't approve first. I say this after blogging for 10 years.

One way to try to combat these movements is to use commercial blogging sites, so that the headaches of these attacks and subterfuges go on the engineers at these sites who are more experienced. But the problem is the hacker culture is among them, too. And large and busy commercial sites don't always understand not to respond to falsified DMCA takedown notices on fake grounds which are merely meant to chill speech. Or to realize that malicious inclusion of your blog site in a malware list on sysadmin's lists when of course you have no malware is very hard to undo. Another technique is to deluge your site with porn or commercial spam to force you to close or remove comments -- I have found it not uncommon to get 20,000 pieces of spam injected on my site by bots in an hour just to stop me from being able to keep comments open or from posting as the site hangs.

The only way to address this is to start documenting and fighting it like the human rights abuse that it is. But you have to change your mindset about it first. It's not really so much about cost, as you can get a commercial site for $14.95 or $21.95 a month. But it's about combating on a systematic basis and constantly documenting and reporting.

So when Glenn Greenwald is ready to concede free speech for thee and not just for me, and concede that Lawfare shouldn't be hacked by his friends, then maybe we can talk. Except, I probably wouldn't even begin the conversation with them since the entire thing is in bad faith.

As usual, all these slides and documents from the NSA are context-free and we don't know the most important thing: were these concepts used?

Is there a list of actions taken as a result of these concepts?

Or is it more like HBGary planning to hack Anonymous but not getting to it?

IF these methods were used, then surely we can get *some facts*. You know, names, dates, places, wind chill factors. Details.

Of course, all these hacker movements are "injured if not innocent" at best -- and I'd love to have a conversation about how everyone thinks they will be stopped -- along with the Syrias of the world -- if we are supposed to adhere to an ethics charter that no one else has signed or implemented.

That conversation can only start with a conversation about where the problem started and who is to blame.

BTW, read the obnoxious Christine Fair's timeline, if you want to see some Twitfights recently on the "who started it theme" in Central Asia, where everybody naturally blames the US for the Taliban (false), and she helpfully points out to a debater that aid to the Afghan rebels went through Pakistani intelligence -- which props up the Taliban even today. Then her various insincere and anonymous interlocutors rant about CIA dirty tricks in the 1950s in Latin America or Africa or Asia, to which I can only say: two wrongs don't make a right, i.e. moral equivalence is wildly out of order here given the mass crimes of humanity perpetrated by the Soviets from the 1900s through the 1940s in particular -- which help set up the Cold War.

The Helsinki Accords, begun before the Soviet invasion of Afghanistan and persisted in negotiations with Kremlin henchmen even as they prosecuted this war in the 1980s, eventually was a framework that bore fruit in terms of the free flow of people and ideas. But while it was helpful in breaking up the Communist bloc and saving some countries for the EU -- and bringing Central Asia into a context of care that it really has nowhere else -- it has suffered terrible reversals in the last 10 years in particular. I guess I would have to conclude for now that the cybersecurity issues cannot be successfully grafted on to OSCE (although that's likely where some will graft them) and that a new Helsinki Accords of any kind, least of all on cybersecurity, will not work.

Meanwhile, I don't plan to become a booster of American use of cyberwarfare any more than I am a booster of drones -- I just expect to remind those raging about these issues that they are horrificially onesided in their approach.

As much as the international jet-set wants to get the leader of the democratic West out of the norm-setting business and leave it vulnerable to autocratic thugs in furtherance of their own political agenda, they failed.

Remember when Andrew McGloughlin, the Google lobbyist (who has held a wide variety of positions since leaving Google but continues to represent the Google business model) talked about the need to "knee-cap" the ITU?

NGOs lost that struggle, as did the US, because the might of the Arab League and the post-Communist states is greater than the West. (They should appreciate that more than they do and undermine the West less.)

I thought that command of Andrew's was rather thuggish -- and overly optimistic, given the realities of the real knee-cappers and thugs of the world, which are Russia, China, Iran, Pakistan, Cuba, Sudan, etc. -- and not the Western democracies. Oh, and not Google, either.

I'm not a fan of the use of the word "knee-cap" as you might imagine -- I think it's worth saving that word to describe the really outrageous practice of the Irish Republican Army and other terrorists and thugs, you know?

In any event, what happened here, really?

The US pushed back on a very one-sided and hypocritical resolution as I explained. Good!

The Germans and Brazilians were never bothered by outrageous and extensive surveillance from Russia, China, Iran and other thug nations when they massively controlled their citizens -- much less never bothered by Google or Amazon or any company massively sucking up data from their citizens in their transnational corporations.

As I explained, Germany didn't fix that "overreach" problem of the NSA, their long-time partner in spying on the very dangerous world we live in, by shutting down amazon.de or other sites that have helped them make Internet business billions because they can reach economies of scale and efficiency on their servers in the cloud.

No, we didn't see that solution, did we. China might be threatening Cisco's business, even though it did business with China when all these Internet freedom fighters bitched; but you don't see Germany doing more than mumbling about making everybody put servers in their country. Hell, they themselves don't even want to have keep everything on servers in their country, that's not how cheap cloud computing works.

Instead, we see the amplification of anti-Americanism where it is easiest, and the US is a soft target -- at the UN.

By "knee-capping," Lynch -- who has basically taken the Human Rights Watch position as he often does -- means that the original draft with the claim "violations" of privacy has been softened to "negative impact". Good!

Neither Human Rights Watch or the UN Human Rights Committee have ever researched, found, and then analyzed such a case. Let them. Let Merkel bring her case to the UN HRC and see how it fares.

The other issue at stake is "extra-terrestiality". Some find this to be co-terminous with "universality' but it is not.

There's a simple reason for this: no right is absolute, because it is defined by the extent to which absolutism might then encroach on another right (Art. 30 of the Universal Declaration of Human Rights, oft overlooked).

There is a legitimacy in a liberal democratic state to investigating and prosecuting crime -- surveillance is part of that. That's ok.

Frank La Rue and others copying his Soros-drafted language in his reports -- like Navi Pillay and even Ban Ki-Moon -- claim that states only "may" have a legitimate pursuit of law-enforcement. Not "do" -- which is of course what the UDHR and ICCPR and other documents affirm.

As I know from questioning La Rue personally and hearing him speak on this subject, he, like Bruce Schneier, is for absolute encryption of non-state actors, and thinks even law-enforcement shouldn't have routine access to online communications in any form even with a warrant. That is, he is vague about what proper warrant he might ultimately accept, and leaves aside the problem of non-state actors using uncrackable code that their managers, like Lavabits' Ladar Levison, will not cooperate with even warrant-holding officers to open up.

That vagueness is deliberate, because all of this is in service of ultimately de-legitimizing capitalist democratic governments in a revolutionary idealism advocating implicitly the overthrowing governments in the name of radical collectivist social change. (Technocommunism is the word I often use to describe this ideology, although its adherents often plead that they are merely "progressives" or merely "social democrats.")

People like Frank La Rue cloak their language in the mantle of "human rights" and "state accountability" and that's all grand, except that when you do peer at the fine print and do confront him, he concedes that he is for placing the non-state actor -- that agent of revolutionary change -- above a legitimate democratic state elected by those same non-state actors -- which is a heavily ideological leftist position at the end of the day. This isn't about the sanctity of individual rights; it's about assigning a special historical "change" role to only certain like-minded non-state actors like human rights and political activists to change states they don't like without due process.

Stepping through these arguments requires subtlety and most people get impatient with it, or simply call it witch-hunting. It's not about witch-hunting; it's about confronting ideological influencers with the actual logic and reality of their positions -- which are cloaked in human rights, but are ultimately antithetical to human rights -- which is why I bother.

In any event, the adherents of "Internet Freedom" pushing for punishment of the NSA's legitimate espionage activities, while blind to the illegitmate activities of Russia and China (let alone Google!) are for an extra-terrestrial internationalist application of a non-existent "right to privacy" in ways that they are never, ever for the application of extra-terrestrial rights that in fact all the parties to an agreement already have.

When it comes to the TPP agreement, for example, and intellectual property rights -- against piracy and protecting of copyright -- none of these NGOs are supportive of the concept of "extra-terrestrial" application of rights -- they want to remove intellectual property completely from the agreement!

That's why they are so obviously hypocritical and in fact politicized and lawless in their gambit here.

The "right to privacy" -- absolute encryption -- is "good" because they need it to further their political goals. Let that be extra-terrestrial even though there isn't any absolute right to privacy against states, and the role of states in protecting public order against crime is fundamental to international and domestic law.

But when it comes to intellectual property -- the encryption of which is sneered at by geeks as unworkable -- then we can't have that internationally, as that would get in the way of Internet anarchists and collectivists and their bid for control.

These contradictions are seldom noted, and least of all by the State Department. I wish they would formulate and articulate this contradiction more than they do -- the same forces undermining private property and intellectual property based on the notion of an individual or a corporation's ultimate right to privacy -- the protection of their property and their inventions! -- are suddenly absolutist when it comes to claiming privacy even from legitimate law-enforcement because it hinders their political bid for power on the Internet.

I keep thinking how Brazil and Germany were never motivated to mount a resolution like this when the Russian opposition's cell phone conversations or the Belarusian opposition's cell phone and Internet conversations were put online by the secret police and a hundred other things like that even inluding the open Russian plan to capture all metadata during the Olympics to oppose terrorism but also any anti-Kremlin protest. None of that moved these diplomats before because they know the UN, and didn't want to go up against Russia or China.

The US is a softer target.

So hence this resolution, really opposing the US and nothing else. By invoking it as a backlash against Snowden, they can get even Russia and China to tacitly agree because those authoritarians know that like all UN rights agreements, they have absolutely no intention of implementing them. And few countries -- least of all Germany or Brazil -- will ever have the guts to hold them to account around it, even though their privacy disruption is far worse.

Then there's the fact that the claims Snowden has made about the NSA have never been validated with actual cases and court decisions.

What I've been saying about the "Snowden revelations" and in particular the case of the alleged bugging of the Brazilian president's telephone conversations is that Rouseff should bring her case to the Human Rights Committee, the treaty body of the UN that actually already has plenty of privacy language to work with in the International Covenant on Civil and Political Rights.

She doesn't need a new resolution. Let her bring an actual case -- something that has been non-existent throughout the Snowden saga anywhere, in any venue (there is already one failed court case against the NSA run by the ACLU, which is having another run at it). And see if it could even be adjudicated! Merkel, too. Or, if they are concerned about never having had interstate complaints on the ICCPR (although there's no reason not to try one), let individual citizens of Germany or Brazil brings cases where they prove their privacy was eroded.

I wonder even with the tendentious review this might get in the HRC, if they could make their cases, given that...the content of their talks has never been revealed nor has it been confirmed that their calls were eavesdropped on in real time. No one has ever come up with a single case of an individual who can show his personal privacy was deliberately violated such as to harm his rights.

I'd love to be there when the HRC examines a case involving an indignant complaint that somebody listened in on...a Brazilian oil company -- the kind of oil company that NGOs usually scream about as a terrible violator of indigenous rights and environmental rights. Imagine, the HRC, at the UN, admitting that oil companies, of all things, have privacy rights. Go ahead, I'll wait, as they say...

No one would want extra-territorial *anything* nor making the US compelled to uphold it if it weren't for this anti-US campaign triggered by WikiLeaks and Snowden's hacker and activist-journalist friends. As we know, if they made an extra-territorial push for an end to reprisals for human rights advocates, as states at the Human Rights Council attempted to do yesterday, that would be killed by South Africa -- yes, South Africa! -- because they were mad at the ICC's "excessive attention" to Africa's mass murderers -- the ICC has tended to prosecute African tyrants rather than tyrants from elsewhere around the world. Maybe the others are harder to reach, i.e. like, oh, Russia, over its mass murder of Chechens and Dagestanis -- Russia, where Germany has vested business interests and a friendly foreign policy, or Iran, where a decided international lobby antagonistic to Israel wants to friend up this tyrant on the basis of promises, not performance.

(No, those countries haven't ratified the ICC statute, but then neither did some of the African states -- they got Security Council referrals that would be impossible on other regions of the world given the Russian and Chinese vetoes.)

Look, if you think this resolution is really in good faith, and really about privacy, you don't know how the UN works.

Germany has many other more effective ways of displaying its wrath, if it thinks its complaints about the encroachment by its long-time partner, the NSA, are founded. For example, yesterday we learned of the billions Germany has harvested in Internet business - they had a banner year in sales. A good chunk of their revenue comes from amazon.de -- hey, an American company, with servers located in America, whose innovation and cost reductions due to scale they can utilize to make profits. You don't notice Germany shutting down amazon.de or demanding that Amazon suddenly place all servers with German data on German territory under German control -- or it may come to that, and even Jeff Bezos' ownership of the Washington Post and considerable lobbying clout may not stop it.

But nary a word, because that's business, and that's money, and Germany and the US are heavily intertwined there.

Instead, what we get is this ding at the UN, which "doesn't matter" in a sense that it is just rhetoric," even though people like Dianna PoKempner, who has decided to make Human Right Watch's crusade against the NSA an aggressive personal project, think this is "soft power" that NGOs can manipulate via international fora to get their way. That's because they might fail at more more mundane work through democratic institutions at home with factions that oppose their anti-Western positions and leniency with tyrants like Russia and China.

BTW, I'm one of the human rights advocates who learned about these private negotiations before Lynch's article, but it didn't seem appropriate to leak the negotiating position of the US. Nowadays, there's a determined lobbying clique of NGOs starting with Electronic Frontier Foundation, Access, and other radical Internet activists who don't believe in private negotiations by states -- in fact, they don't much believe in states, period. They whined and whined about the secret negotiations of the TPP -- even after hackers got ahold of the secret documents somehow, we're not told -- either a bad-minded state party or leftist political party faction in a state leaked it, or it was actually hacked, we don't know.

But negotiations should be secret because that's how states can reach accommodations and compromises. The time to get your country to have a position you can support is before the international conference, at home, through the democratic process.

International negotiations, particularly those involving undemocratic states or states with very different positions, have to be done in secret to reach agreement. That's an axiom of international diplomacy that works -- and it works on the Disability Rights Treaty as much as the TPP.

It's ok to have secret negotiations in a hostile world where there are numerous enemies to basic universal human rights and values. The animus driving this issue about "secrecy" isn't really based on any value of transparency because it's more about anarchy -- these radicals do not accept that elected, legitimate liberal states like the US and Germany or even for that matter Brazil, whose record as a demoracy is not as good, should be able to negotiate in good faith on behalf of their citizens -- because they are elected.

The elected part bothers the anarchists because it goes against their brutal, nihilist grab for power themselves (anarchists who always oppose governments and try to make you think they are against big government and just for lovely little local collectives always forget to tell you the PS to the memo -- that in overthrowing others, they get in power, and are far less accountable or transparent themselves because they don't believe in voting or due process or democratic procedure -- they are all about coercive, collectivizing takeovers and pretend "consensus".)

At the UN, the leftist forces in Germany and Brazil in particular -- where parliamentarians wear Snowden masks and Glenn Greenwald has safe haven -- have succeed in pushing the Snowden backlash into the complicated and dull procedures of UN committees.

This is actually a process that long preceded Snowden, as this same concerted claque that pushes the extreme "Internet freedom" agenda at the UN -- against copyright, against intellectual property, against trade, against sovereignty of states, against any criminal oversight of the Internet to oppose terrorism and crime -- has been very busy already trying to undermine what they see as an "unacceptable' historical US control over the Internet and force through various measures.

When Elaine Donahoe, the ebay president's wife, an Obama campaigner and fund-raiser, was rewarded with an ambassadorship to the UN Human Rights Council, these radical NGOs leveraged the obvious interest in Silicon Valley in defeating pro-copyright and anti-piracy legislation (SOPA and PIPA) and under the guise of "Internt Freedom," got various measures put in -- here's the background on the "Internet Freedom" resolution. This let in dangerous wording that in fact brings in more state control under the invocation of the concept of "development" (i.e. in the technocommunist model, by states, or in the technolibertarian model, also by states they capture).

If this wife-turned-ambassador was getting her appointment in the Bush era, as a Bush fund-raiser, and her husband was the head of some less beloved Silicon Valley corporation, imagine the furor of the NGOs that business was using international fora to get its way in the marketplace. Not so when it's ebay -- as we're seeing about ebay founder Pierre Omidyar's support of Greenwald and others in a new radical media project.

There's a lot more boring background to this at the UN that few people have been paying attention to, which basically involves this same gang, with mainly Soros and other "progressive" funding, going to the UN to get language favourable to their ideological positions into various resolutions and mandates -- mainly because no one else bothers to show up and give some pushback to their blatantly sectarian maneuvers.

They have been particularly active at the international bodies that have aspirations to control the Internet -- the International Telecommunications Organization and the Internet Governance Forum. Brazil has pushed the latter heavily, just hosting the meeting, to get its own brand of socialist control over Internet affairs -- gathering all the usual anti-American fans in the process.

The IGF feigns support of what they call the "multi-stakeholder approach" -- as long as the stakeholder are things they like and control -- and it's important to note that ALL these NGOs are UTTER HYPOCRITES because FOR YEARS they've been in the Global Network Initiative with the likes of Google and even Facebook claiming to promote Internet rights. They were never, ever bothered by Google's massive data-vacuuming and Facebook's privacy-busting all those years. Instead, they sat by quietly while the GNI secretariat was mainly silent about things like the Internet being entirely shut down in whole countries or Internet journalists being jailed -- real freedom issues. Instead, they pushed for things like the right to keep a Youtube of a disabled boy being humiliated and bullied online in Italy despite a court action -- in the name of "freedom of expression" -- which was really a business issue for Google to keep their California Business Model intact (let everyon upload freely, chase over copyright or legal issues later, after the ad revenue is scoopd up). You don't hear so much about GNI anymore... in fact, EFF dramatically left it, funny...

This gang has promoted Frank La Rue, the UN special rapporteur on freedom of expression, through various Soros-funded evenings like this one at NYU, and its his decidedly anti-American antagonism which has driven the Internet resolutions at the UN seeking a) absolute encryption for non-state actors, regardless of whether they commit crimes b) rejection of law-enforcement access to the Internet in the legitimate pursuit of crimes c) blessing of non-governmental human rights groups forever as never being involved in crime and worthy of such power -- a position that comes out of Frank's understandable but not universal experience of being a leftist activist lawyer in oppressive Guatemala in the 1980s.

Yes, it's hard to believe -- although CNN did ask the questions of the leftist German journalists who broke this story in the first place -- that this is not verified. We don't have any sample conversations. We don't know what she thought or what her position was internally on the even of important events like NATO summits. We haven't learned of any fact other than that her number was in a list of numbers held by the NSA which they may have scanned for meta data.

But why wasn't the story *reported* from the get-go by journalists being skeptical of the usual Snowden Team active measure, and asking questions directly about it?! Is Richard Orange going to run a correction?

Norway -- let alone Germany -- were never moved to launch privacy resolutions at the UN over their own activity, all these years, including sharing with the NSA.

So here we all are. A tendentious portrayal of the US as some "killer" of privacy that Russia and even Germany and even Norway killed long ago, without a whimper from the NGO gotcha-gang all this time -- but suddenly, when WikiLeaks and their Russian supporters have an opportunity to exploit Snowden backlash even further in pursuit of their anti-American goals, they obviously seize it.

11/10/2013

When the Guardian claimed, based on the stolen Snowden files, that the NSA was tampering with the very standards of encryption, they won over many more conservative geeks who weren't wild-eyed and rabid like Jacob Appelbaum and those in the hacker set. They tapped into a sense of both superiority and paranoia that all geeks have about themselves and code -- it was a brilliant social hack (I continue to maintain that most of what Snowden has produced is a giant social hack, from the con of 25 of his fellow employees to give him their passwords (!) to providing single slides or partial documents or plumbing sketches or outlines in lieu of hard, solid content deliberately, so as to incite hysteria that is hard to then shut up while the facts are parsed.

They claimed that through secret partnerships with commercial firms like Google or Facebook or Microsoft or Intel, the NSA was exploiting vulnerabilities or getting themselves private keys to decode texts:

But security experts accused them of attacking the internet itself and the privacy of all users. "Cryptography forms the basis for trust online," said Bruce Schneier, an encryption specialist and fellow at Harvard's Berkman Center for Internet and Society. "By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet." Classified briefings between the agencies celebrate their success at "defeating network security and privacy".

Once again, it's only Bruce Schneier -- the cybersecurity expert who always leaned toward defense of hacker culture and objectives and who has now fully embraced them by joining the board of Electronic Frontier Foundation.

The long Guardian article never supplies anything like proof -- and hasn't learned -- like the Washinton Post's Bart Gellman and his geek sidekick Ashkan Soltari -- to make impressive, complicated geeky diagrams. They do claim there was something in...2006:

Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.

"Eventually, NSA became the sole editor," the document states

That was when the New York Times published their famous article after waiting on it for some time.

Yet we're not told what it was, exactly. What kind of weakness? Where?

Something like that TLS handshake issue with the mobile app data heading first before the handshake? (No doubt that was devised to reduce latency -- after all, it's only communicating information about the phone and the app, and most users aren't going to find that a big deal -- so the handshake to validate the ID and the server comes later, so what? Only a geek could care if the lag meant the NSA could jump in the middle, because most people don't think they'll be bothered by the NSA.)

Despite the absence of any real proof, or any explicit walk-through of any actual case of weakening, this is now taken as an article of faith.

But Mikko cites no proof of this claim that NSA tampered with the algorithms. (He also fails to mention the hacking of his own country by Russia -- his reply to me about this -- that the news story I cited from November 8 came after the taping of his TED talk -- is singularly lame, given that a guru like him should have known of such a huge hack of his country ages before the news came out.)

Again: I haven't seen a single second source (outside the Snowden Brotherhoold) validate this claim of tampering. I totally get that it is possible, and a concern. What I don't see is replication of the claim. A couple of slides and a few Googlers do not constitute validation -- that's partial and speculative, like Greenwald's initial story.

The reason I don't buy it is simple: I see that Matthew Green is still not conceding it. All the Snowden geeks can do then is call him names; Greenwald implies he's a pussy because he then won't take the same set of Snowden materials they are all looking at and comment on them. But you know, that's because he isn't a journalist, and couldn't hide behind journalism, doing that...

Mikko spouts the theory that the USG deliberately spread malware to undermine Microsoft -- a country hacking itself, he says. Oh, come now. You're not worried about the Chinese and Russians?!

Mikko makes the outrageous claim that Skype was secure before it was sold to Microsoft, that it had end-to-end encryption and was safe. But that's ridiculous. One of the top cybersecurity gurus in NYC whom I happened to discover used to be horrified years ago, long before the sale to Microsoft, that I let Skype on my system because he found it full of flaws and vulnerabilities -- everyone knew about its backdoors. The Belarusian secret police had Skype conversations before the Microsoft sale. Please. Let's not be children here.

It's really annoying when people like him who are technical experts then spout political nonsense wrapped around it and think that their scientific knowledge is enough to validate their political views and manipulations. For example, his silly notions of the "existential" problem of the war on terrorism as being fake. He needs to check in with Madrid, or London or Moscow just on his continent if he doesn't want to contemplate our 9/11.

Then he says this -- which is very appealing to the countries of Europe: "I'd much rather have a domestic Big Brother than a foreign Big Brother" -- i.e. the US, running the cloud industry or search, via Google.

It's actualy especially appealing to countries with big powerful neighbours like, oh, even Russia, but not only Russia -- under the pretext of saying they need to hide from the Great Satan America, they can actually do the hiding from the places they really need to hide from -- Russia and China. Say, if that's how they have to sell it to domestic audiences, let them.

Despite Eric Schmidt's touching faux belief in old-fashioned borders remaining after he gets done Internetizing things, and even land valuation, the reality is that there aren't borders as there once were, that lots of artificial distinctions get made, and in fact, there's a very real question of whether absolute encryption by each individual government will become a demand that countries of the world will get met, on their own, if international bodies won't accept this.

That is, international standards may remain, but there will be encryption with locally-devised algorithms that keep out others like barbed-wire fences and mined fields. Will this be possible?

I'm not sure it's the worst idea at all --- and at this point, if we're talking Big Brothers, I'd rather have EU countries that are individual Big Brothers than a global Big Brother that Russia and China invade, and I'd rather have individual EU Big Brothers than groups like Anonymous or WikiLeaks or Occupy become the absolute-encrypted Big Brothers (they call themselves Little Brothers; they'll be big in a heart-beat with that unaccountable power -- and in fact already are.)

Obviously, if the global contenders for Big Brother role are China or Russia or America, I'd pick America because I think it will have far more freedom and accountability (as it already has running the Internet; one could argue, if you accept Snowden (and I don't), that the free American system produced a Snowden which then remedied the unfree aspects of the system -- no Snowden would appear in China or Russia. So there.)

Really, it's a war about encryption. Would you rather have script kiddies encrypting, or the EU? I'll pick door no. 2.

Mikko makes a nod to the rights of law-enforcement to pursue crime. But he think this is wildly exaggerated, and he thinks that a) NSA is dredging ALL communications of everybody everywhere and therefore b) this harms privacy and doesn't.

There's no concept of the combing of selected streams as being "not intrusive."

"You show me your search history, and I will find something incriminating in five minutes," he says, and yet doesn't take his laser-stare off the NSA for all that, and put it on Google, which is of course, at fault for retaining these searches -- something that the EU privacy tsars are always fighting Google about in lawsuits and deals.

So, what to do about this awful thing with this big Orwellian over-reaching monster called the NSA which has done these terrible things? Why, Snowden isn't to blame for harming the US cloud industry (which we don't know is ruined yet, actually) any more than Al Gore is to blame for global warming. (He like those cheering in the audience obviously think not only is there nothing to debate about global warming, even if everyone agrees, that there's nothing to debate about what the response should be.)

"The solution is open source," he says. Ahh, there we go. The cult of open source. And let me remind you of the distinctly authoritarian culture that comes with that cult, even if you are forced to use open source on this very Internet, just like you can't get away from American-manufactured cloud stuff -- although Mikko urges everyone to try.

NIST noted that it has worked closely with the NSA to help develop encryption standards, due to the NSA's expertise in this area. NIST is also required to consult with the NSA by U.S. legal statute. But the agency noted that its process for vetting encryption algorithms is an open one, in which anyone can review and comment on the work being done.

"If vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible," the statement read.

Even in making their hysterical pleas, Global Voices is forced to say they don't know:

These revelations imply that the NSA has pursued an aggressive program of obtaining private encryption keys for commercial products—allowing the agency to decrypt vast amounts of Internet traffic sent by users of these products. They also suggest that the agency has attempted to put backdoors (well-hidden ways to access data) into cryptographic standards designed to secure users’ communications. Additionally, the leaked documents make clear that companies that manufacture these products have been complicit in allowing this unprecedented spying to take place, though the identities of cooperating companies remain unknown.

Many important details about this program, codenamed Bullrun, are still unclear. What communications are targeted? What service providers or software developers are cooperating with the NSA? What percentage of private encryption keys of targeted commercial products are successfully obtained? Does this store of private encryption keys (presumably procured through theft or company cooperation) contain those of popular web-based communication providers like Facebook and Google?

I really do highly recommend reading the geek Twitter interchanges with Matthew Green et. al. closely to see the dynamics involved. Note: Appelbaum is no longer working with the Guardian (small wonder there, as he accused them of sitting on Snowden stories). We don't know if that means if he is still working with Greenwald (seems not) or if Snowden has ditched him (I'll bet he has.)

Some are using the argument now -- trying to appeal to what they think are "a state's best interests," that you can't allow the NSA to introduce back doors, and industry should resist this, because otherwise terrorists and criminals exploit them.

Well, sure, every day, spammers and virus-spreaders exploit software and make everyone's life miserable, even outside the dynamics of Snowden/NSA and the US cloud industry versus people like Mikkol and his consulting clients in the EU.

I'm not buying this argument now because:

o you haven't proved that the NSA did this tampering

o you haven't proved that non-state actors have this capacity

o you haven't indicated any other way for law enforcement to do its legitimate duty.

It's that last part that troubles me more than anything -- Mikko like so many is far too casual about how exactly the police can track hackers like Snowden if the Lavabits of the world deny even federal agents with warrants, and even judge's orders. What is the plan now?

We're supposed to let the Lavabits of the world decide who they think are criminals and who aren't? Really, guys? Again, door no. 2.

They are doing this in the form of a General Resolution that merely calls for the UN High Commissioner for Human Rights to issue a report to be discussed at another session of the General Assembly so it isn't the amendment of a treaty or even a general comment on the treaty jurisprudence -- yet -- but it still is a dangerous and slippy road.

Precisely for that reason, and because the Snowden claims really have not been impartially validated by any credible body or litigated successfully anywhere, the US has fended this off several times since the Snowden story broke. Germany seemed to see reason, but now since claims have surfaced based on Snowden's stolen files -- not proven -- that Merkel's phone was tapped, they are back at it again.

Opening up for re-negotiation of language like this related to this long-controversial treaty honoured more in the breach than in letter or spirit by some countries like Russia, Iran, China, Pakistan, Sudan, and Cuba is a bad idea because it enables enemies of free speech to come in the door and undo the hard-won progress of decades.

Waiting in the wings with great glee is the Organization of Islamic Conference (OIC), or the Arab League, which has been trying to undo freedom of speech for years, in the Third Committee of the General Assembly and the Human Rights Council in Geneva. The OIC calls for a notion of "defamation of religion," i.e. criticism of theocratic states like their own, and seeks to punish such "defamation" -- which is essentially a blasphemy law. The US worked long and hard in co-sponsoring a resolution on these issues with Egypt which held back some of these attempts -- indeed, if the US had used this language in statements at the time of the hate film in Cairo and Benghazi, there would have been a lot more clarity (instead, they catered to Islamists, as Obama also did in his UN speech at the time).

Basically, the that HRC resolution called for recognizing a principle of hate speech prosecution only in cases when there was "incitement of imminent violence," i.e. the Supreme Court test also recognized by other countries. So general speech, even if insulting, would not be prosecuted if it did not call for immediate violence acts (and that doesn't mean speech that insults someone and then they get violent, as happened with the hate film at the time.)

The OIC is pushing this forward and now also introducing notions of "the rights of the family," i.e. family values to also attract other conservatives.

The countries that really put surveillance on religious and political dissidents and minorities are of course Russia, China, Iran, Pakistan, Sudan, Cuba and all the other "like-minded" as they call themselves (they are dubbed "the bad-minded" by NGOs).

Led by Russia, they've all been working hard lately to undo the effectiveness of the treaty bodies that examine compliance with these UN rights covenants in a variety of ways, attacking their independence and their cooperation with NGOs.

So now Germany is simply playing to this choir.

Once you open up hard-set treaty language like this to new negotations directed politically at the US, as UN states supportive of human rights surely know, you let in the flood gates of a lot of other killer amendments. To gain the support of the OIC -- which isn't going to like language curbing surveillance of course! -- the EU may make some compromises and let in some of this "Islamophobia" stuff which is antithetical to free speech and legitimate criticism of oppressive theocratic states and Islamist terrorist groups. Or it may not in this resolution, but it will have to them compromise somewhere else with these countires in the endless horse-trading that goes on at the UN.

And then of course you may get "family values" conservative notions and suppression of press freedom in the interests of some "better world" and all the rest. This is the UN. The UN is all about the bad-minded constanlty making bad-faith efforts to pretend to be about human rights even as they kill them off. Germany should know better, but it is so blinded by leftwing anti-Americanism right now it is willing to risk teaming up with Russia and China to savage America. Let's hope America will be there when they need it for other things (migrants).

The text is also filled with problems, starting with PP7, "Noting that while concerns about national security and criminal activity may justify the gathering and protection of certain sensitive information...." Er, "may"? Why? DOES should be the word here, because concerns are legitimate and prosecution of criminal activity including terrorism is legitimate.

With good reason, in these freedom of expression covenants there is language about "except for such limitations as are necessary to maintain public order and safety in a democratic society". This bit was added in decades ago by the Western countries to ensure that the Soviet Union and other bad-faithed actors didn't use the notion that restraints were allowed on free speech for illegitimate purposes of suppressing dissent.

Now Germany is re-opening all this and subjecting it to the same manipulation by the bad-minded.

There is also reiteration and recapitulation of rights that already exist; indeed, if you were really serious about concerns about the NSA, you would have already plenty of language to use in the ICCPR and the later resolution on the Internet at the HRC, which notes that offline rights apply online, to submit any cases or concerns about the Snowden relevations.

Indeed, if the Soros crowd -- who sponsored Frank La Rue, the special rapporteur on Freedom of Expression, and helped him draft a lot of the language of his reports which you now see migrating into this draft resolution -- were really sincere about this and not just politicking, they'd submit a case re: the Snowden claims, say, on collection of phone metadata or the tapping of EU leaders' phone calls, to the Human Rights Committee. I suspect there it would wither for lack of substantiated documentation, even with some members there ready with great zeal to try to push it through.

Precisely because they can't make their case the normal way -- they don't have a case, and the ACLU lost in law-faring on this issue already in the US courts -- they've re-opened negotiating the entire treaty language with these proposed amendments.

If/when it passes, like so many other bad-faithed efforts at the UN (like the "right to housing" used against Israel), it will be directed only against the US -- like the High Commissioner for Human Rights' recent speech which harangued the US on surveillance without any reference to Russia, which has added only more and more features to its SORM surveillance that dwarfs what the US does, without any of the checks and balances.

Perhaps people in Washington think that the UN doesn't matter, and they can let Germany vent its spleen here, and let the whole Soros-funded gang and Frank La Rue have their way in a place where it doesn't count. I'm sure that's the sort of thinking you're getting from the cynics in the White House and State.

But the UN does matter as it bleeds out into many other venues, and and this resolution then migrates to the ITU and IGF venues and helps the bad actors take over the Internet and kick out the US.